BTC $71,807
2026 Bull Run Is Building Start trading with 5% OFF all fees
Sign Up Now
BTC $71,807
Bull Run 2026 | 5% Off Fees Open your Binance account today
Sign Up

Hack drains $17M from Matcha Meta users via SwapNet flaw now

SwapNet approval exploit drains nearly $17M from Matcha Meta users — revoke unlimited aggregator approvals

  • A Hacker stole nearly $17 million in crypto from users of Matcha Meta.
  • The attack began around 5:10 p.m. London time on January 25 and was reported later that evening.
  • Matcha Meta attributed the incident to the integrated aggregator SwapNet.
  • Users who granted ongoing approvals should revoke permissions to aggregators outside 0x’s One-Time Approval contracts.
  • Security firms and researchers highlighted an “approval” exploit as the likely mechanism behind the drain.

A hacker stole almost $17 million in crypto from users of Matcha Meta on January 25, with activity beginning at about 5:10 p.m. London time and initial reports emerging that evening. The incident involved trades routed through the aggregator SwapNet, and the team behind Matcha Meta traced the issue to that integration.

- Advertisement -

Security firm PeckShield characterised the event as a security breach, as noted in its post on X, and Matcha Meta later confirmed the attack in its own X announcement. PeckShield characterised the incident, and Matcha Meta confirmed the breach on X.

The project said users whose trades were routed via SwapNet and who did not use One-Time Approvals are at risk. It advised users to revoke approvals to any individual aggregators that are outside of 0x’s One-Time Approval contracts. Matcha Meta stated that, “The nature of the incident was not associated with 0x’s AllowanceHolder or Settler contracts,” clarifying which components were unaffected.

The attack appears linked to unlimited token approvals, which let an aggregator spend a user’s tokens without repeated confirmations. Researcher Weilin Li of University College London described the mechanism on X, saying “The root cause appears to be an arbitrary call controlled by the attacker that drains the open allowance to this contract,” and adding that “This is the largest approval attack (excluding phishing) I’ve ever seen.” Weilin Li wrote about the exploit.

DeFi security concerns have grown after large code exploits last year. A report by blockchain security firm Slowmist recorded more than $649 million stolen via code exploits over the prior year. The Slowmist report details those incidents.

- Advertisement -

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

- Advertisement -
Ad
Altseason Is Loading. Don't watch from the sidelines.
SOL $90.51
DOGE $0.0963
LINK $9.02
SUI $1.00
5% off fees when you sign up
Start Trading
Ad
Pay Less on Every Trade. For Life.
$10K/mo volume Save $60/yr
$50K/mo volume Save $300/yr
$100K/mo volume Save $600/yr
5% off all trading fees when you sign up
Claim Your Discount

Latest News

WordPress core hit by zero-click RCE bug, patch now live

WordPress patched a pre-authentication remote code execution flaw in versions 6.9.5 and 7.0.2 on...

ECB: Stablecoin growth puts European bank deposits at risk

ECB board member Piero Cipollone warned Friday that stablecoin growth could strip European banks...

Tesla Launches Megacharger Network with Bloomington Station

Tesla opened a new public Megacharger station in Bloomington, California, calling it the start...

Apple Overtakes Nvidia as World’s Most Valuable Public Company

Apple briefly surpassed NVIDIA as the world’s most valuable publicly traded company, hitting an...

Galaxy Digital buys naming rights to Texas Tech stadium in 15-year deal

Galaxy Digital signed a 15-year naming rights deal with Texas Tech, renaming the football...

Must Read

17 Best Audiobooks On Blockchain Technology For Beginners

If you're looking to dive into the world of blockchain technology, you're in for a treat. The field is rapidly evolving and the potential...
Ad
Altseason Is Loading. These 4 coins are trending right now.
SOL $92.12
DOGE $0.0950
LINK $9.02
SUI $1.02
5% off spot fees when you sign up
Start Trading